".htaccess" tips and tricks
By using .htaccess files, we can control access to our web content by allowing/blocking certain user or ip addresses to access.
You may ask why do we need that, if you can do the same by using options like “order, limit” to restrict ip addresses and user actions in httpd.conf.
Fair enough, but there is some limitations.
Given below example:
1) Let say you are a system administrator in ABC company and your company have a few branches over the world. All these branches located in Malaysia, Singapore, Taiwan and China. And each branches will have their own web directories to store all the documents.
Each branches office have a static ip and domain name
Malaysia 1.2.3.4 www.abc.my
Singapore 2.3.4.5 www.abc.sg
Taiwan 3.4.5.6 www.abc.tw
China 4.5.6.7 www.abc.cn
Scenario 1:
You boss came to you and ask whether you could restrict all the web directories, that only allow all the branches access, public user shouldn’t be able to view or access to it. Well, it’s easy , you just need to change the httpd.conf
httpd.conf
AllowOverride None Options AuthConfig # Allow use of the authorization directives
Order deny,allow
deny from all
allow 1.2.3.4
allow 2.3.4.5
allow 3.4.5.6
allow 4.5.6.7
Scenario 2:
But, in the same time , he wants to access all these directories from his house, which using dial up connection and doesn’t have a static ip address.
Either you advice him to apply a fix line or ask him to register dynamic dns, definitely your boss will not like it.
So the best solution is to control the web content with valid ‘username’ and ‘passwd’,
Simply create a .htaccess in protect folder and add the following lines
Options Indexes #to enable directory listing
AuthName “Password Protected by .htaccess“ #Message that prompt when asking for username and password
Authtype Basic
AuthUserFile /usr/local/apache2/passwd #password file location
require user boss #username boss
satisfy any #either u r using malaysia,china,singapore n taiwan ip or u have a valid username and password, then u can view and access this directory
if ‘satisfy all’, mean you must have one of the country ip and have to provide valid username and password in order to access.
Generate username and password file
htpasswd -c /usr/local/apache2/passwd boss
-c is to create new passwd file, if u want to use back the existing password file
htpasswd /usr/local/apache2/passwd boss2
Done. It would be easier and provide more flexibility rather than changing the httpd.conf file and restart the webserver to apply the change.
In this blog, I'll share my knowledge, discovery and experience related to IT and administering Linux. Most articles on this site are IT related and My Life journal. 
Or, subscribe via email: